msgbartop
All about Google Chrome & Google Chrome OS
msgbarbottom

31 Mar 12 Chrome 18 release fixes bug competition finds


It was the Pwnium competition held by Google that revealed the bugs that the newest release of Google’s Chrome web browser version 18. This version has been release today to the public in its first stable release, and includes notes to the effect of congratulating the participants of the Pwnium competition for their hard work and great contributions to the Chrome project. The Chromium security page has full details of what this update is all about, meanwhile let’s have a look at some simplified details below!

The following list includes prize money as well as numbered fixes that were made in the Pwnium contest this past Pwnium season. Google’s Chrome team has opened their pocketbook again and found that, surprise, developers and hackers alike do indeed enjoy finding exploits, especially when there’s cash involved. Check the dollar bills!

[$500] [109574] Medium CVE-2011-3058: Bad interaction possibly leading to XSS in EUC-JP. Credit to Masato Kinugawa.
[$500] [112317] Medium CVE-2011-3059: Out-of-bounds read in SVG text handling. Credit to Arthur Gerkis.
[$500] [114056] Medium CVE-2011-3060: Out-of-bounds read in text fragment handling. Credit to miaubiz.
[116398] Medium CVE-2011-3061: SPDY proxy certificate checking error. Credit to Leonidas Kontothanassis of Google.
[116524] High CVE-2011-3062: Off-by-one in OpenType Sanitizer. Credit to Mateusz Jurczyk of the Google Security Team.
[117417] Low CVE-2011-3063: Validate navigation requests from the renderer more carefully. Credit to kuzzcc, Sergey Glazunov, PinkiePie and scarybeasts (Google Chrome Security Team).
[$1000] [117471] High CVE-2011-3064: Use-after-free in SVG clipping. Credit to Atte Kettunen of OUSPG.
[$1000] [117588] High CVE-2011-3065: Memory corruption in Skia. Credit to Omair.
[$500] [117794] Medium CVE-2011-3057: Invalid read in v8. Credit to Christian Holler.

The three fixes you see there without monetary amounts belong to the entity known as AddressSantitizer – with again, help from the Google Chrome security team. No robot shall be left to stand alone! Also there were $8,000 USD more distributed amongst coders at the events leading up to this release, so high fives for you all!

You can download the new version of Google Chrome now via this link: [GOOGLE CHROME 18 DOWNLOAD HERE] and know this as well: it contains the new Adobe Flash release as well. Upgrades for everyone!

Article source: http://www.slashgear.com/chrome-18-release-fixes-bug-competition-finds-29220630/

Tags: , , ,

31 Mar 12 Google Promises "Moar Better Graphics" With GPU-Driven Chrome 18




Print

17 comment(s) – last by Reclaimer77.. on Mar 30 at 7:51 PM


Chrome is emerging as third major player in the browser market

At its peak in 2003, Microsoft Corp. (MSFT) controlled over 94 percent of the browser market.  Inspired to “free” the world’s internet access from the control of one single company, the Mozilla Foundation launched the open source browser Firefox in 2004, a browser which would offer Microsoft its first serious challenge since Netscape Navigator.  And in 2008, Google Inc. (GOOG), makers of the world’s most popular search engine, released a second serious open source – “Chrome”.

Today Chrome has an estimated 18.9 percent of the market [source] and is the world’s fastest growing browser (Firefox has 20.9 percent, Microsoft’s Internet Explorer owns 52.8 percent).

Google this week announced the release of the 18th edition of its popular browser.  Available on every major personal computer platform — Windows, Linux, and even Macs – the new version brings fancier graphics and a number of bug fixes.

Google continues to pay top dollar to security researchers for finding flaws in its browser.  It awarded miaubiz, Chamal de Silva, Atte Kettunen of OUSPG, Aki Helin of OUSPG and Arthur Gerkis personal thanks and a bounty of $8,000 USD for helping it fix its flaws.

Serious flaws in OpenType and Skia handling were fixed.  Five “medium” priority handling errors were also patched.

Bugfixes aside, the new release brings GPU acceleration to Canvas2D, a key emerging web standard, which allows for beautiful 2D animations without proprietary standards.  The new releases also adds TransGaming’s SwiftShader engine, which allows 3D web graphics based on the WebGL standard.

SwiftShader
SwiftShader is is seen here running 3D Mark ’03.  The engine allows for 3D graphics on the web, and has been added exclusively to Google’s popular Chrome browser.
[Image Source: TransGaming]


For those looking to get their 3D web gaming on, Google does caution, “Keep in mind that a software-backed WebGL implementation is never going to perform as well as one running on a real GPU, but now more users will have access to basic 3D content on the web.”

Sounds like GPU acceleration of WebGL is still a work in progress.

The upgrade also includes a new version of Adobe Systems Inc.’s (ADBE) Flash multimedia platform, which contains bug fixes and performance upgrades of its own.

Sources: Google [1], [2], TransGaming

Article source: http://www.dailytech.com/Google+Promises+Moar+Better+Graphics+With+GPUDriven+Chrome+18/article24335.htm

Tags: , , ,